Solved

Unable to log on locally

Posted on 2001-08-28
7
137 Views
Last Modified: 2010-04-13

Hi,

by mistake i have disabled everyone (even administrators) to log on locally to w2k server by using Security Configuration And Analisys snap-in.

I can log on normally from client computers and do administrative tasks but i need local access too.

Is there any way to solve this problem?

P.S. I can log on locally in Safe Mode, but i can't reboot server much to often, can i?

Regards,
0
Comment
Question by:bibika
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 12

Expert Comment

by:Housenet
ID: 6432316
-Change the Domain policy to allow domain users to logon locally.
0
 

Author Comment

by:bibika
ID: 6432751

i cannot change domain policy because i cannot log on to domain :(((
0
 
LVL 3

Expert Comment

by:slang9
ID: 6432826
Try starting in safe mode, go to Programs, Administrative tools, Computer Management, Local users and groups, open Users, right-click on Administrator and choose set password
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 25

Accepted Solution

by:
dew_associates earned 75 total points
ID: 6433366
You can use the Microsoft Management Console Group Policy Editor snap-in in your Windows 2000 Server-based computer to assign "Log on locally" user rights to other users and groups:
 
1. Click Start, click Run, type "mmc" (without the quotation marks), and then press ENTER.
 
2. Click Console, and then click "Add/Remove Snap-in", click Add, and then double-click "Group Policy snap-in".
 
3. Click Browse for the group policy object, and then double-click the folder for your domain controller.
 
4. Double-click Default Domain Controllers Policy, click Finish, click Close, and then click OK.
 
5. Click Default Domain Controllers Policy, double-click the Computer Configuration branch to expand it, and then double-click the Windows Setting branch to expand it.
 
6. Double-click the Security Settings branch to expand it, and then double-click the Local Policies branch to expand it.
 
7. Double-click the User Rights Assignment branch to expand it, double-click the Log On Locally branch to expand it, and then click Add.
 
8. Click the users or groups you want to add, click OK, and then click OK.
 
9. Quit the Group Policy Editor snap-in by clicking Console, clicking Exit, and then clicking No.
 
NOTE: You do not have to save the console settings for the change to take effect. Active Directory replication must also occur between all domain controllers, and this could take up to 3 hours unless replication is forced.

Dennis
0
 
LVL 12

Expert Comment

by:Housenet
ID: 6435209
-load the adminpak.msi & do it from another station.
0
 

Author Comment

by:bibika
ID: 6435390

way to go :))))

thanx a lot!
0
 
LVL 25

Expert Comment

by:dew_associates
ID: 6436142
Glad I could help
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Original post  on Monitis Blog. Web performance monitoring is broken into two camps: passive and active. Passive monitoring is defined as looking at real-world historical performance by monitoring actual log-ins, site hits, clicks, requests for…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question